IPS  nasce  nel  2000  come  azienda  speoalizzata  nello  sviluppo  di  soluzioni 
e fomitura  di  servi2i  per  il  settore  della  Cyber  Security  ed  e oggi  una  im- 
portante  realta  nazionale  parte  di  un  gruppo  di  circa  200  unite. 

II  know-how  acquisito  negli  anni  e una  struttura  di  qualificati  progettisti 
hardware  e software  consentono  ad  IPS  di  offrire  soluzioni  e prodotti  con 
tecnologta  proprietaria  nei  settori  della 
Communication  Security  e dell  Electronic  Surveillance. 

La  Society  si  distingue  per  llntegrazione  di  competenze  in  ambito  IT,  Reti, 
Security  e Media  e per  la  continua  innovazione  tecnologia  che  le  consente 
di  confrontarsi  con  la  crescente  esigenza  di  soluzioni  multimediali. 

LA  NOSTRA  VISIONE 

"Realizzare  un  progetto  industriale  chesviluppi  tecnologie  innovative. 

rafforzando  il  rapporto  di  fiducia  con  il  cliente,  grazie  alia  continua  crescita 
dell'azienda  e dei  suoi  uomini,  ponendo  la  correttezza  e la  serieta  profes- 
sionale  come  valori  imprescindibili  e prioritari  rispetto  a qualsiasi  op- 
portunity di  business. 


IPS  has  been  established  in  2000  as  an  independent  private  company  to  de- 
velops solutions  for  Cyber  Security  and  it  is  part  of  a group  counting  around 
200  people. 

Thanks  to  its  know-how  and  high  qualified  hardware  and  software  engineers 
IPS  is  a technology  industry  that  designs  and  manufactures  products  and  so- 
lutions for  Communication  Security,  cyber  investigation  ond  Electronic  Sur- 
veillance sectors. 

By  integrating  its  capabilities  in  networking,  Security,  IT ond  Media  and  th- 
rough a continuous  technology  innovation  IPS  can  fulfill  the  market  growing 
need  of  multimedia  solutions. 

OUR  VISION 

"To  carry  out  an  industrial  project,  by  developing  innovative  technolo- 
gies, with  the  aim  of  strengthening  the  customers ' trust,  thanks  to  the  con- 
tinuous growth  of  the  compony  and  its  people,  plocing  honesty  ond 
reliability  os  fundamental  values,  beyond  cny  business  opportunities". 
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INTERCEPTS 


GENESIS  Monitoring  Centre  is  an  innovative  centralized 
system,  supporting  the  Law  Enforcement  Agencies  investiga- 
tions to  manage  in  a unified  manner  audio,  video  and  data  in- 
terception as  well  as  telephone  Call  Detail  Records  and  Log  files 
analysis. 

It  is  an  integrated  solution  capable  of  handling  different 
interception  technologies  such  as  Audio,  Video  and  Data 
Communication  coming  from  suriveillance  equipment  as  well 
as  all  the  current  network  technologies  including  PSTN,  ISDN, 
ADSL,  GSM,  GPRS,  UMTS,  Internet,  etc.  assuring  data  security 
and  Integnty  and  at  the  same  time  bringing  a significant  cost 
reduction  for  the  government  administration. 


Thanks  to  GENESI™  Monitoring  Centre  the  Law  Enforcement 
operator  can  benefit  from  a unified  system  having  a single 
graphic  interface  to: 

• view  the  fist  of  communications  (voice,  fox.  internet  etc.) 
mode  by  each  target ; 

• listen  and  view  in  reel  time  or  off  line  telephone  colls  (fixed 
mobile  and  UMTS  videocalh); 

• view  in  real  rime  and  off-fine  data  communications  (Fox,  Sms, 
Videoconference.  Internet,  etcj; 

• hsten/view  audio/video  from  surveillance  devices  such  as 
Microphones,  GPS  tracking  devices  or  TVCC; 

• analyze  COP  and  log  files. 
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The  GENESI™  Monitoring  Centre  modularity  allows  the 
deployment  of  small  to  large  LEMF  according  to  customer 
requirements  and  communication  Infrastructure. 

The  system  consists  of  the  following  main  modules: 

• acquisition  front-end; 

• recording  ond  management  server; 

• operator  workstations  for  playback  and  onafysis. 


Front  End 

Front  Ends  are  made  of  modules  capable  of  hosting  many 
interface  cards  to  be  connected  to  the  distribution  network 
through  whkh  they  receive  intercepted  communications. 

Recording  and  Management  Server 

This  is  the  heart  of  the  system,  which  receives  from  the  Front 
Ends  the  content  of  Audio,  Video  & Data  Communication  (CC),the 
Interception  Related  Information  (CDR  or  IRI)  and  stores 
everything  In  Its  centralized  DB. 

Operator  Workstation 

It  interacts  via  LAN/WAN  with  the  Server  component  and 
allows  playback  of  Audio,  Video  and  Data  {Fax,  Sms.  Videocalls, 
Inter  net  Traffic,...)  both  real  time  and  off-line.Thanks  to  a multimed 
application  the  Law  Enforcement  operator  can  watch  web  pages, 
play  AudxxA/ideo,  analyze  CDR.  etc.  according  to  its  specific  user 
profile. 
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GRC  Solution  - Governance,  Risk  Management  & 
Compliance  - gathers  all  the  necessary  information  to 
manage  the  security  of  an  organization.  Using  GRC  the 
company  is  able  to  perform  an  assessment,  to  identify 
the  compliance  levels  compared  to  a predefined  metric, 
to  discover  vulnerabilities  (technological  organizational 
and  physical),  to  compute  the  risks  and  find  the  right 
treatment  and  countermeasures  referring  to  the  nation- 
al and  international  standards  and  regulations. 


Risk  Analysis  module  includes  several  libraries  to  make 
risk  analysis.  Libraries  are  completely  customizable 
through  the  platform  management  module.  This  mo- 
dule allows  customers  to  select  specific  libraries  or  per- 
sonalize themselves,  according  to  their  specific  needs. 
Every  requirement  , addressed  by  standards  and  law. 
generates  different  countermeasures  for  each  kind  of 
asset  or  stream  (physical  organizational  or  logical  se- 
curity). 
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C MODUS'  - Oo^r nance,  Compkancc 


CHORUS5  is  a GRC  system  that  manages  in  a centralized 
v/ay  the  risk  related  to  the  information  (information  as- 
set), In  accordance  with  the  standard  IS027000  family, 
provi-ding  indicators  on  the  compliance  to  law  and  secu- 
rity standards  (ISO,  PCI  OSS). 

RISK  ASSESSMENT  (RA) 

The  methodology  used  by  this  module  allows  to  calculate 
the  risk  based  on  critical  asset  (information  contained  on 
It),  threats  (technological  physical  and  organizational), 
vulnerabilities  and  countermeasures. 

CHORUS1  calculates  risks  coefficients  for  each  security  re- 
quirement (Confidentiality,  Integrity  and  Availability). 
CHORUS1  works  with  areas  called  contexts  (f.i.  a treat- 
ment. a process,  one  single  service,  one  application  or  a 
platform)  on  which  it  is  possible  to  perform  an  assessment 
in  different  sessions  to  trace  risk  evolution  over  time. 


Everything  is  processed  following  the  IS027005  standard 

CHORUS1  allows  to  automatically  compute  technological 
vulnerabilities  that  are  on  the  systems  through  the  relation 
between  internal  Vulnerability  Assessment  (VA)  Systems 
and  external  information  sources  like  NVDB  and  NIST. 

Based  on  the  VA  and  the  update  of  the  vulnerability  OB,  the 
platform  allows,  in  an  automatic  way.  to  trace  new  vulne- 
rabilities (CVE)  with  high  Exposure  Factor  (calculated  follo- 
wing the  CVSS  standard). 


'CHORU 


It  allows  to  find  the  technological  risk,  ensuring  an  auto-  The  module  publishes  the  reports  and  the  indicators  fol- 
matfc  and  objective  risk  update.  lowing  a scheduled  timesheet. 
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COMPLIANCE  & AUDIT 

Auditing  & Compliance  module  provides  libraries  for  Gap 
Analysis  activity  and  compliance  management. 

It  is  able  to  manage  a complex  audit  process  (of  a service, 
an  area,  a function,  an  application,  a system),  including 
different  rules,  with  different  grants  inside  the  company. 
CHORUS1  manages  the  startup  of  an  audit  campaign, 
centralizing  all  the  audit  Information  based  on  the  answers 
gathered,  the  compliance  diagrams  compared  to  the 
security  baseline.  With  this  module  customers  can  define 
their  own  baseline  on  which  to  do  the  audit,  (f.i.  internal 
policies,  etc.) 

WHAT  IF  ANALYSIS 

With  this  module  customers  can  perform  analysis  of  the 
treatment  scenarios:  the  platform,  considering  the  non- 
compliance  and  the  risks  found,  proposes  the  necessary 
treatments  and  allows  to  simulate  the  risk  decline  to 
identify  the  best  treatment  plan  to  be  applied. 

ACTION  PLAN 

The  module,  after  the  approval  of  the  risk  treatment 
plan,  can  schedule  it  giving  priorities,  times  resources, 
responsibilities,  detailed  actions.  This  module  also  allows 
monitoring  the  progress  of  the  plan  and  the  impact  on  the 
risk  matrix  and  on  the  residual  risk. 
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The  platform  provides  several  reports  and  templates  that 
can  be  customized  In  a very  simple  way. 

SECURITY  KNOWLEDGE  BASE 

The  module  publishes  all  the  information  on  indicators, 
risk  analysis  reports,  treatment  plans,  residual  risks  matrix, 
support  documentation,  ISMS  policies  and  procedures, 

BIA 

The  methodology  used  by  this  module  is  based  on  the 
ISO27O0T,  BS25999.  ABI  LAB  standards,  and  gives  the  eco- 
nomic loss  for  each  systems  stop  over  time. 

With  this  module  customers  can  estimate  the  financial  im- 
pact every  time  a service  stops . 

Based  on  this  analysis  customers  can  give  priority  to  their 
investments  in  the  technological  Infrastructure. 

The  module  gives  all  the  information  to  implement  the 
best  Business  Continuity  Strategy. 


DASHBOARD  & REPORTING 

This  module  is  a DSS  (Decision  Support  System):  it  allows 
navigating  the  internal  CHORUS5  DB  to  calculate  the  risk 
indicators  (KRI).  The  module  allows  creating  metrics  and 
elements  that  aggregated  provide  graphical  KRI. 
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GENESI™  Monitoring  Centre  is  suitable  to  support  LEAs 
for  tactical,  logistic  and  investigative  operations  such  as: 

• Audio,  Video  & Data  Monitoring 

• Critical  Infrastructure  Security 

Bugging  devices  rightly  positioned  in  the  subject  envi- 
ronment are  able  to  send  intercepted  data  to  GENESI™ 
Monitoring  Centre  to  be  processed  and  analyzed. 

These  devices  allow  the  following  activities: 

• GPS  Tracking 

• Audio  Monitoring 

• Video  Monitoring 


Audio  Monitoring 

Voice  can  be  gathered  by  the  use  of  enhanced  set  of 
different  microphones  transmitting  in  real  time  all  the 
captured  audio  to  the  Monitoring  Centre  via  fixed  or 
mobile  networks. 

The  GENESI™  Monitoring  Centre  also  allows  to  con- 
figure the  functional  parameters  of  bugging  devices  as 
well  as  to  upgrade  their  firmware. 


GPS  Tracking 

Tracking  of  targets  can  be  done  in  a real  time  mode 

correctly  installing  GPS  bugging  devices  that  transmit  to 

the  Monitoring  Centre  positioning  information: 

• Simultaneous  multi-targets  tracking; 

• Possibility  of  immediate  bug  freezing  (useful  for 
anti-scanning  detection); 

• Remote  performances  tuning  through  DTMF  tone 
sequences  to  be  transmitted  to  the  bug  itself; 

• Possibility  to  define  areas  of  interest  and  get  alerts 
on  targets  entering  in  those  areas; 

• Up  to  date  cartography  and  localization  software; 

• Status  parameters  available  for  real  time  system 
chech  (battery  level, ...). 


Video  Monitoring 

GENESI™  Monitoring  Centre  supports  any  kind  of 
microcamera  allowing  the  tuning  and  moving  control 
through  operator  workstation. 

Motion  detection  features  are  also  Included. 
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Facebook  Relations  Analysis 

Target  Profiling 

Genesi™  Platform 
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Target  Profiling 

Technology  for  investigation 


features  OrFCRCO 

• target  profiling 

• CONTACT  UST  (flRSND& 
SECONDARY  CONTACTS.,,) 

• COUNTS  OF  THE  NUMBER 
Of  messages 

EXCHANGED 

• RELATIONSHIPS  CHART 

• DATA  EXPORT  (HTML,  XML, 
TXT..) 
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Reports  and  contents  of  messages 
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Network  Intercept ion'Platforp*^ 


- NETWORK  ihi^EPENDENT 
-GENTRAUSEDM^NAGEMENT 

/DYNAMIC  addresv^upport 

- CONTENT  FILTERING^ 
-TEMPORARY  BUFFERIN^and  S 

- SCALABLE,  FLEXIBLE  \/ 


GENESI™  Network  Interception  Platform  is  a system  with 
real-time  monitoring  and  intercepting  capabilities  for  the  traffic 
being  generated  by  IP  network  users. 

This  product  is  intended  for  Service  Providers  to  monitor  and 
intercept  Internet  traffic  data. 

It  Is  able  to  operate  in  real  time  as  well  as  to  store  the  traffk  for 
future  analysis  or  filing  purposes. 

The  system,  part  of  GENESI™  platform,  the  environment  for 
monitoring  IP  and  CS  networks  designed  by  IPS.  is  highly  flexi- 
ble. scalable  and  easy  to  maintain,  as  well  as  capable  of  meeting 
current  data  network  configurations  including  second  and  third 
generation  telephony  scenarios  (GPRS-UMTS).  Its  hardware/ 
software  components  allows  real-time  interception  of  different 
types  of  Internet  Content  and  Services  (Le.e-mall  messages.  Web 
accesses.  Chat  sessions*  etc.). 

A set  of  probes  are  installed  up  without  making  any  changes  to 
the  existing  network  infrastructu re,  norvintruslvely  on  lines  to  be 
monitored. 

The  system  is  easy  to  use  and  include  centralized  remote  Con- 
figuration & Alerting  System  (CAS)  and  Provisioning  & Adrmni 
strative  Centre  {PAC 

Probes 

They  are  network  elements  with  detecting  capabilities  of  speci- 
fic users  traffic. 

These  probes  are  connected  non- intrusively  on  the  line  to  be 
monitored  through  dedicated  built  in  network  interface  cards. 

The  main  functions  carried  out  by  each  probe  include: 

• tracing  the  traffic  to  be  intercepted  and  providing  the 
interception  Related  information  (iRi).  such  as  receiver  ond 
caller  IP's,  session  duration,  protocols  used,  etc ; 

• making  the  IfU  ond  Call  Content  (CCJ  for  the  traffk  intercepted 
available  in  real  time. 

Main  line  interfaces  available: 

• 10/100  Mbps; 

• 1 Gbps ; 

• lOGbps; 

• 40  Gbps  (in  roadmap); 

• Tt/EI; 

• ATM/OC3  and  higher. 


Different  interception  criteria  can  be  used  at  the  same  time  to 
answer  to  the  Authority's  requests: 

• Radius:  Intercepting  a user  identified  by  a user  name; 

• MAC:  intercepting  o user  identified  by  a MAC  address; 

• IP:  Intercepting  a user  identified  by  his  static  IP  Address  or  by  an 
address  range; 

• Content  Filtering:  This  particular  policy  allows  for  * parameter 
based  interceptions'  when  identifying  the  Internet  traffic  con- 
taining specific  text  stnngs  within  the  protocol  header  fie.  l/RC  e- 
mail  account  etc)  or  the  application  content  (i.e.  keyv/ords  inside 
e-mail  messages  or  Web  pages,  etc.). 

The  different  criteria  can  be  combined  to  create  Interception  rules 
able  to  meet  specifk  needs 

Mediation  Device 

In  turn  the  probes  are  connected  via  LANAVAN  to  one  or  more 
mediation  devices  in  charge  of  forwarding  CCs  and  IRI  to 
one  or  more  Monitoring  Centre. 

PAC 

It  is  the  management  system  in  charge  for  the  provisioning  and 
administrative  activities  and  is  made  up  of  a V/eb  server  applica- 
tion for  collecting  the  interception  criteria  and  forwarding  them 
to  the  probes. 
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CAS 

The  Configuration  and  Alerting  System  is  made  up  of  a Web  server 
application  hosting  the  management  and  supervision  features  for 
probes,  mediation  devices  and  PAC 

it  allows  to  display  the  Network  Interception  Platform  devices 
and  their  status 

Networked  devices,  in  fact,  generate  alarms  rf  the  internal  control 
procedures  detect  malfunctions. 
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MCG™  / 

Multi  Conference  Gateway^ 


- AUWO,  VIDEO^ND  DATA  CONFERENCES 
-HI6HSCALABILITV 

-ISDN,  GSM,  GPRS,  UM*S  and  VoIP 
CRYPTO  OPTIONS  X 

-USERS  GROUPS  X J 

- USERS  ID  AND  ACCESS  CONTROL  / 

- RECORDING  FUNCTIONS  X^T 
-LOCAL  AND  REMOTE  MANAGEMTOT 


MCG™  it  a product  developed  by  IPS  for  managing  conference 
grops  of  fixed  and  mobile  users. 

It  is  based  on  a modular  and  scalable  hardware  architecture, 
adaptable  to  the  effective  operative  requirements  MCG™  en- 
ables the  complete  management  of  audio,  video  and  data  con- 
ferences. 


You  can  also  dynamically  re  allocate  a user  from  a group  to  an- 
other one,  without  killing  the  communication. 

Private  numbers 

You  can  configure  particular  users  to  which  associate  private 
numbers  of  the  MCG™  Server,  defining  the  actions  related  to  the 
call  of  such  users;  for  example  you  can  forward  a call  to  another 
user,  or  activate  the  Voice  Messaging  function. 


MCG™  is  available  with  different  types  of  physical  interfaces: 
ISDN,  SIM-Array  GSM/GPRS'UMTS  and  VoIP  based  conferences. 

MCG™  adaptability  to  the  different  network  interfaces  - ISDN, 
mobile  telephony,  IP  - it's  capability  of  configuring  an  unlimited 
number  of  groups,  each  one  consisting  of  an  unlimited  number 
of  users,  also  of  different  type  - both  fixed  and  mobile  users  - 
and  its  capability  of  managing  the  voice,  video  and  data  confer- 
ences, make  it  a unique  tool. 


Voice  messaging 

The  Voice  messaging  function,  enables  a user  to  leave  a vocal 
message.  The  system  may  also  be  configured  in  order  to  allow  the 
sender  leave  a message  without  knowing  the  telephone  number 
or  Identity  of  the  receiver. 

You  can  also  configure  the  system  in  order  to  send  the  receiver  a 
notification  of  received  messages  via  e-mail  or  SMS, 


The  MCG™  Server  is  characterized  by  a high  reliability  hardware, 
redundant  in  its  critical  components  (power  supplier,  CPU,  hard- 
disk), scalable,  with  a client  server  graphical  interface  for  all  the 
functions  of  administration  and  diagnostics  IMCG™  Console). 


Users  and  groups 

Through  the  graphical  interface  you  can  create,  edit  and  delete 
users  and  groups.  For  each  type  of  user,  you  can  enter  personal 
Information  (name,  telephone  number,  IP  address,  etc),  you  can 


Fixed  Users 


^ , Grw*i 

- A x 


TllCO  f»*ch 


£>  & £> 


Mobile  Useis 


~ <0  <0 


IP  Users 


MCG  Server 


«P 


MCG  ComcJle 


In  distributed  architecture,  with  systems  installed  on  different 
sites, you  can  also  set  up  a network  of  MCG™  Servers  managed  by 
one  central  workstat»on,capable  of  creating  distributed  groups. 

System  supervision 

You  can  check  the  general  status  of  the  system,  the  status  of  the 
groups  and  of  the  single  lines  within  each  group  through  the 
available  graphical  Interface  of  the  MCG™  Console. 


specify  the  type  of  user  (fixed,  mobile.  VoIP)  and  the  I'alias  you  want 
to  associate  to  him. 

For  each  group  the  system  defines:  the  users  that  belongs  to  such 
group,  an  untvocal  number  for  its  identification  (Group  W) . an  alias 
(group  A,  group  8.  etc),  and  the  possible  types  of  conferences  - 
voice,  video,  data. 
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Access  control 

In  order  to  enable  the  access  of  the  users  to  the  conference,  the 
system  manages  different  types  of  control:  through  telephone 
number  identification,  through  the  request  of  a PIN  Code 
associated  to  the  user,  and  through  the  number  associated  to  the 
group  the  user  belongs  to. 


Users  functions 

Each  user  who  takes  part  to  a conference,  has  several  functions 
available,  which  can  be  selected  through  the  keyboard 
They  Include  the  microphone  switching  off,  the  video  camera 
switching  off,  leaving  the  conference  group,  the  function  of 
calling  all  the  users  not  yet  on-line. 

Conferences  recording 

The  content  of  each  conference,  can  be  stored  into  the  MCG™ 
Server,  and  can  be  played-back  in  every  moment  after  the  end 
of  the  conference  itself. 


Every  conference  content  is  stored  through  an  univocal  number 
and  through  the  timestamps  of  the  beginning  and  the  end  of 
conference. 

The  typical  functions  of  play-back  are  available  (.Play,  Stop.  Pause); 
you  can  set  some  markers  within  the  conference  itself,  in  order 
to  be  able  to  90  back  straight  to  a certain  point  with  no  need  of 
reproducing  the  entire  conference,  you  can  write  sonr>e  points, 
regulate  the  volume,  apply  audio  filters  and  equalizations,  etc. 

Through  an  internal  software  of  the  MCG™  Console,  vou  can  also 
burn  the  content  of  the  conference  on  a CO/DVD  for  a further 
play-back  on  another  system. 


For  eacn  call  received  or  made,  the  MCG™  Server  records  the 
operation  on  a log  file,  which  is  available  to  the  system 
administrator  through  the  MCG™  Console 

The  format  of  the  log  may  be  configured,  both  as  hie  and  as 
content,  concealing  in  this  way,  some  prrvate  fields. 
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